Networking Basics Course
A summary of the material needed for an HTM technician in the field.
We will cover
● Introduction of Presenter
● Basics of why we use networks
● WINS / Name Driven Networking
● TCP and the Internet Protocol
● Subnetting and Port Forwarding
● Wireless and Troubleshooting
Introductions - Who Am I?
Garrett Seeley - Associate Professor Biomedical Equipment Technology, Texas State Technical College - since 2008
● Master of Science in Information Systems
○ Texas A&M University - Central Texas, Killeen, Texas
● Bachelor of Applied Science and Technology in Biomedical Electronics
○ Thomas Edison State College, Trenton, New Jersey
● Medical Equipment Repairer 35G/91A
○ United States Army Medical Equipment and Optics School
● Certifications
○ CBET
○ A+ IT technician
○ Network+ Certified
Who is TSTC?
● A technical school chain run by the State of Texas
○ 10 campuses statewide - 2 for Biomedical Equipment
○ Regionally Accredited as a 2 year college (SACS)
○ TSTC Waco is on the old John B Connally Airbase
○ Waco has On Site Housing.
○ 18k Average tuition costs for a degree (in state)
○ Visit us on the web! https://www.tstc.edu/
Introductions - The BET Department at TSTC
Our program data:
● Waco offers 2 degrees - Biomedical Equipment Technology and Medical Imaging Systems. Each is a separate 2 year Associates of Applied Science - 60 credits. Taken concurrently = 2.5 years for 2 AAS degrees.
● The system graduates about 70 BET students per year; Waco Biomedical Equipment Technology graduates about 50 students per year
● There is no waiting list to enroll. There are no requirements to enter.
● Completion of students is increasing, around 50%. Placement is over 90%
● BET program has over 3 million dollars of actual hospital equipment to learn on - project based learning using job tasks to instruct.
https://waco.tstc.edu/programs/BiomedicalEquipmentTechnology
Why Do We Use A Network?
Using a computer – Recall that…
But what if someone else wants to see a picture that is on Mom’s computer?
Mom’s Computer Son’s computer
Let’s Add a Network Interface Card
Success!!
Mom’s Computer Son’s computer
Ad-hoc Wireless or physical Crossover Cable
A Network Interface Card or NIC gives a device the ability to use a network
What if another person wants access to my files? Build a bigger network.
• Use a Switch (or a Hub) to connect all machines directly.
• Q: What is the down side of this network?
Mom’s Computer
Son’s computer
Dad’s computer
A Switch – connected by standard cabling (not a crossover cable)
Mom’s system must be on
Basic Peer-to-Peer Networking
This is a crude Topology – a map representing a network connecting computers
Let’s fix the down side and share a NAS
• Network Attached Storage (NAS)– a hard drive attached directly to the switch – shared to machines
Mom’s Computer
Son’s computer
Dad’s computer
A Switch –connected by standard cabling (not a crossover)
I upload the file to the NAS
Others download the file when they want
Basic Client - Server Networking
Client
Clients
Server
What do we need to make the network?
• A Switch provides the backbone – a connection between clients and servers that all devices use to communicate with each other. A backbone may have multiple switches or other hardware in it. It is the main path for data on a local network. Switches work as repeaters and sorters, copying the messages and sending them ONLY to the device that needs them. The switch identifies each device by its MAC address (a Local ONLY address). This is also called the Physical Address. It is not adjustable. It works on Layer 2 of the OSI model.
What do we need to make a network?
Ethernet connections (802.3)– provides the connection to the backbone/switch. These connectors use a bandwidth – the amount of data that we can send at one time. A bit is a “1” or a “0”. We send Millions of bits per second (Mbps).
Cabling (LAN) Info:
Copper wiring – 10/100/1000baseT.
Base = baseband (digital signals)
The first number lists the speed in Mbps
The T means twisted pair cable, listed in Categories (Cat)
10 Mbps = Cat 3, 100 Mbps = Cat 5e, 1000 Mbps = Cat 6 - all look the same!
We can use Fiber Cabling for 10 or 100 Gbps networks. This is 10gbaseFx (up to 10000 times faster than copper!)
What do we need for wireless?
Wireless connections (802.11) – Uses a radio to transfer information to and from a client without using any wiring. It is still measured in Bandwidth but the radio frequency is important. There is a security concern as well.
Wireless (WLAN) Info:
Requires an Access Point (AP) to act as the backbone.
Uses radio transmission covering the 2.4 GHz and 5 GHz bands
Uses channels – can only operate a limited number in the same area.
2.4 GHz can operate channels 1 - 11 (actually 3)
5 GHz can operate
Transmits in 11, 54, 300 Mbps, 1.7, and now 3.4 Gbps. These are the B, G, N, AC, and AX transmission speeds
Must be secured (encrypted) or it is easy for hackers to “listen in” to the transmission.
What else do we need?
For example: NAS – Network Attached Storage –A server with a hard drive that shares its resources over the network.
We will need the computers and servers to build our network
Now… how do we set up a network?
Actually, that is another part of the slide show.
But first… any Questions?
How Do We Set Up Networks?
Seriously, it’s not as hard as people think.
Here is why networks aren’t that hard
• You are already used to one. – I’ll prove it to you!!!
• Why does this work?
254 – 867 – 4885
Area Code
City Code
Individual Number
Q: Why don’t we all have the same number?
A: Because everyone’s phone would ring at the same time
Q: Well, what’s wrong with that?
A: It would upset everyone to have all phones ringing at the same time
This is why we are all not named “Bob”, but it would be easier to remember everyone’s name if we all had the same one.
This identifies the Group
Well, how does that apply to networking?
The phone system is a network
It does what all networks do – It identifies a group and identifies an individual
254 – 867 – 4885
Area Code
City Code
This identifies the Individual number
Well, what about this: [email protected]
Ok, again, how does this apply to networking?
• All networks identify the group of devices (clients, servers, computers, switches, routers, printers). They identify them as one whole group. This is usually with either a name for the group or a number for the group.
• All networks identify each individual in the group with a unique name or number.
There are different ways to network – they are called Protocols – A Protocol is a way to network machines – Think of it like speaking a language
Let’s look at WINS protocol, Windows Internet Naming System; also called Samba (in Linux), and Appletalk in Mac systems (all the same)
The first network we will study is WINS
• WINS uses a group name – called a “Workgroup”
• WINS uses an individual name – called a “Computer Name” or “Host Name”
What does WINS do for me?
I can share files, folders, drives, printers, and other devices if we are in the same workgroup.
We call this a simple file share.
WINS shares folders and resources
These are folders under the “E-SMITH-SERVER” share
This is what it looks like when you attach one of the folders under the “Map a drive” option (Windows 7) or “Add a network location” (Windows 10) in “Computer” file system in Windows
A NAS looks like this
WINS also shares devices like printers
This is what shared devices look like
• Shared printer icon from Windows XP
Shared printers in Windows 7 and 10
WINS is similar to business grade networks
• It is similar to Active Directory, but do not confuse the two.
• Active Directory uses a login server and controls which users have access to devices and clients.
In active directory, all computers are under a structure called a “forest”. Only certain users can log into specific machines. The group of machines a user can access is called a “tree” (used as a workgroup). This is actually how most businesses are set up.
Understanding Active Directory
• There are permissions set to a login, a machine, and a domain (a workgroup of machines)
– Here is the easiest way to understand it – A login with its password verifies the user is authentic and authorized to use these host names on this domain.
– These settings are held in a server called the “Active Directory”
• Uses two main security concepts – Authentication and Authorization
– User name and password assures the user is who they say they are
• Authentication (Login) security is “Something you have, Something you know, Something you are”
• Authorization security is “This login can do this with these things”
WINS is used alongside the Internet
It’s odd, but Name-Driven networking is for Local traffic (LAN - Local Area Network) connections only. The Internet is called a Wide Area Network (WAN)
Remember Protocols?
WINS does not affect any other protocol. It works alongside them.
It is a LAN Only network protocol – it does not give Internet access
Well, what do we need to get my WINS network to the internet?
• Short answer? More slide show.
• The Internet uses a different protocol, the TCP/IP protocol. Remember a protocol is like using a different language
• There is a whole new set of set-up instructions, hardware, and commands used.
Any Questions???
TCP/IP Networking
What is it and how do I make it work?
(FYI: we are going to study IPv4. IPv6 is easier if you know IPv4)
Most people have seen IP’s used
They just didn’t know it.
• IP’s are used on web pages to access the internet.
• They are used for both local (Local Area Network – LAN) and Internet (Wide Area Network – WAN) networking
• We use something called DHCP to set the IP for you automatically. You did not need to know it.
– This is a “Lease”: the IP is only good for 2 to 12 hours.
– It is only good on that network, or that wireless access point
– It’s what we call Dynamic IP Addressing – it changes.
It’s automatic, why do I need to know it?
Because we can’t always use TCP/IP in DHCP mode. Sometimes the IP has to stay permanent
• What if you need to always be at the same IP for a program or a service to work?
• What if I need to get IP or web information from your machine?
• What if you need to use a specific IP for security settings (such as required in DICOM, HL7, ECG streaming) such as in Patient Monitoring?
In these cases, we can’t use the automatic setting. We need Static IP Addressing – the IP will not change
We use Static TCP/IP in Hospitals.
Where is it not so important to use Static IP?
Things that use WINS or Active Directory –Electronic Medical Records (EMR) Workstations only (Servers need Static IP)
Static IP’s are mainly used on:
Patient Monitors
Medical Imaging Systems
The Servers receiving all this data
DICOM Workstations
How do we set it up? Recall WINS
TCP/IP is like a phone number
• It has a group identifier part and an individual part
254 – 867 – 4885
Area Code
City Code
Individual Number
• Remember that phones would ring at the same time if we had the same number. Therefore, we need to have a Unique Individual part of the number.
• We want to talk within our group, therefore we need the same group part of the number
TCP/IP Uses Numbers
IP: 172.016.001.101
Subnet: 255.255.000.000
• TCP/IP is like a phone number - It uses 2 parts. 254 – 867 – 4885
Area Code
City Code
Individual Number
This is the IP number. It tells you the Network (Area Code) number AND the Host (Individual) number
This is the Subnet number. It tells you where to draw the line between the host and network numbers. Simply draw a line after the last “255”
Network | Host
IP’s are listed in 4 groups of numbers. These numbers, called Octets, are between 000 and 255 for both the IP and subnet.
Let’s talk about drawing lines – here are common ones
To understand an IP network:
1. Write down both the IP and subnet for a network – TCP/IP needs both
2. Draw a line after the last “255” in the subnet. The subnet separates the network number from the host number.
3. All machines must have the same network number to work
4. All machines must have a unique host number.
IP: 010.010.001.101   Subnet: 255.000.000.000
IP: 192.168.001.101   Subnet: 255.255.255.000
IP: 172.016.001.101   Subnet: 255.255.000.000
Network | Host
Classful networks – Local Area Networks (LAN)
• These are common networks used in the Hospital IT environment. They follow the “Classful” rules.
• These IP’s do not appear on the Internet
• Routers (and switches) know this is local traffic only.
• IT compliance is Voluntary
Class A – Large Networks – up to 16.7 Million computers
IP: 010.010.001.101   Subnet: 255.000.000.000
Class B – Midsized Networks – up to 65 Thousand computers
IP: 172.016.001.101   Subnet: 255.255.000.000
Class C – Small / Residential Networks – up to 255 computers
IP: 192.168.001.101   Subnet: 255.255.255.000
Network | Host
Classless networks - Wide Area Networks (WAN)
• If there is a different number used for an IP, the IP is probably (this is voluntary) a real internet address. The router can easily tell “this has to leave the network and go to the Internet Service Provider (ISP)”
• This is the job of a Router.
• Routers act as Gateways, connecting networks to the internet.
IP: 192.168.0.105?
“This is Local”
IP: 216.58.218.164?
“This goes to the Internet”
“The Real Internet”
Set this into Windows
Select:
1. Control Panel -> Network and Internet -> Network and Sharing Center -> Change adaptor settings
2. Network Adaptor (right click on it) -> Properties
3. Highlight “Internet Protocol version 4 (TCP/IP v4)” -> Properties
That brings up the menu to set in the IP info
Set your IP address in this area.
• Must work with the LAN IP’s (Network)
• Must be unique (Host)
For the Subnet, keep it simple.
• Use the same subnet as the router and other machines on the network
• Keep in mind that this tells your machine which IP part is network and which is host.
So, is IP and Subnet it for the settings?... No
Well, yes and no. That is it for settings on the LAN side of TCP/IP. Let’s say we have IP’s and subnets set. This is what a LAN may look like.
If all of these are talking to each other… that’s great! Now we need to tell the machine how to access the internet (if needed).
What happens when this replaces the file server?
This is a simple diagram of a web deployed PACS server. It is hosted by a remote company for the hospital.
The medical imaging devices called “Modalities” have to send to a remote server through a gateway.
A Gateway is a server that connects 2 different networks. (HIS to WAN)
The Gateway is the way off your LAN and to the Internet
This is a very popular setting. We use the Internet in a lot of different places..
But wait, there’s more, (unless you want to memorize IP numbers)
Think about websites. We go to https://www.facebook.com , but the computer thinks https://31.13.80.49.
How does it know which “number to dial” when given a name? It usually goes through a web service.
The Domain Name Service (DNS) is the internet’s phone book. It gives us the number when given a name
DNS = the Internet IP phonebook
When a router is given a name, e.g. http://www.facebook.com, the machine actually needs a number to go to the web page. It asks the router (or a server) for the IP number for the name (http://www.facebook.com). The DNS service looks up what it knows. If it does not know, it asks the router it connects to. Eventually, a router or server knows (http://www.facebook.com = http://31.13.80.49) and this information is returned to your web browser. Then the web browser goes to http://31.13.80.49 and ends up on Facebook.
All of that so that we can share our feelings on silly cat pictures. Well… Ok… It does more.
That brings us back to this menu
The Gateway needs to be the one machine that everyone in the LAN goes through to get to the internet.
• Usually we use the router IP here.
The DNS is the router or server that will give all internet IP numbers to the computer (one at a time as needed).
• When in doubt, use the router IP here as well.
What to do if I see “Weird things”
• IP’s can get complicated. There is actually an entire 4-year degree around making IPs work (Network Admin)
• Sometimes Admins use different subnets. E.g. Subnet: 255.255.240.0
– If you see this, what they are doing here is extending the hosts to more than the last octet.
IP: 172.016.015.101
Subnet: 255.255.240.000
Use a Subnet Calculator - http://www.subnet-calculator.com/
Network | Subnet | Host
The easy answer is to ask IT or experienced BET’s for help when you see this!
WOW. That’s deep! Do we need to continue?
• No, not really. That’s the basics and for those that need a break, let’s have an intermission.
• We’re half way through. There is more slide show.
• When we come back, we will do:
– Subnetting, VPN, Port Forwarding
– Wireless Networking
Any Questions???
Subnetting, VLANs, and Port Forwarding
How we segment and secure networks
Subnetting isn’t unusual, it is just traffic control
This is a simple model for basic TCP/IP numbers using a class B network. It assumes the Subnet always has either a 255 or a 000 in its numbers.
What happens when the Subnet numbers change to something like 255.255.240.000 ?
Subnetting Traffic into different ranges
In the case of a Subnet 255.254.000.000, the subnet number 254 becomes like the city code. Is a city code always local? Is it always long distance? Sometimes.
IP: 172.016.001.101
Subnet: 255.255.240.000
Area Code
City Code
Individual Number
Network Subnet Range Host
In this case, the Network numbers separate all networks
The Host gives all machines a unique number in their Subnet
However, the Subnet itself breaks up the bigger network into smaller networks.
What are the ranges? Well… it’s Binary
I mean the subnet is a length of 1’s and 0’s. All IP’s are. For a Class B network, the Subnet Mask numbers are as follows:
https://www.pantz.org/software/tcpip/subnetchart.html
Number of      That number     Subnet bits        Subnet Mask        Mask   Number of hosts
sub-networks   in Binary is:   (-1 and flip it)   (In Decimal)       Bits   per subnet
2              0000 0010       1000 0000          255.255.128.000    /17    32766
4              0000 0100       1100 0000          255.255.192.000    /18    16382
8              0000 1000       1110 0000          255.255.224.000    /19    8190
16             0001 0000       1111 0000          255.255.240.000    /20    4094
32             0010 0000       1111 1000          255.255.248.000    /21    2048
And it continues on….
What are “Mask Bits”? Well, subnets are all 1’s and 0’s. Remember the subnet with 16 sub-networks: 16 - 1 = 15, which in binary is 0000 1111, and flipped that is 1111 0000. That is the 3rd octet.
The subnet actually is 255.255.240.000.
This means the actual number is
1111 1111. 1111 1111. 1111 0000. 0000 0000
I bet you see the line for the network now. How many 1’s are there? 8 + 8 + 4 = 20. There are 20 bits
If I represent that in a short hand called Mask bits, that is a /20
Network Host
Why this is done:
We set up a hospital to run as smaller subnetted areas
Each Box is a separate network.
There are 6 subnets What type of numbers do we need?
For Example - Subnet with a /19 network
We need 6 networks, but we can’t do that in the numbering scheme. We have to use a larger network then and leave the extra numbers for future growth. Use the online subnet calculator to make this easier. http://www.subnet-calculator.com/
Our IP range: anything between 172.016.000.001 and 172.16.031.255 is in the same network and can talk to each other without needing a router.
Our Subnet needs to be 255.255.224.0
It handles 8 sub-networks of 8190 hosts per network.
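The "draw a line after the last 255" rule, the mask bits count and the /19 hospital range can all be checked with a few lines of Python. This is an added example, not part of the original slides; the function names `describe` and `same_network` are made up for illustration, and the addresses are the ones used on the slides.

```python
import ipaddress


def _strip_zeros(dotted: str) -> str:
    # The slides pad octets with zeros (172.016.001.101). Recent Python
    # versions reject padded octets, so normalise to 172.16.1.101 first.
    return ".".join(str(int(octet)) for octet in dotted.split("."))


def describe(ip: str, mask: str) -> dict:
    """Split an address into its network and host parts using the subnet mask."""
    mask = _strip_zeros(mask)
    iface = ipaddress.IPv4Interface(f"{_strip_zeros(ip)}/{mask}")
    net = iface.network
    # Host number = the address bits that sit where the mask has 0s.
    host_number = int(iface.ip) & int(net.hostmask)
    return {
        "mask_binary": ".".join(f"{int(o):08b}" for o in mask.split(".")),
        "mask_bits": net.prefixlen,               # count of 1s, e.g. 20 for /20
        "network": str(net.network_address),
        "host_number": host_number,
        "first_host": str(net.network_address + 1),
        "last_host": str(net.broadcast_address - 1),
        "broadcast": str(net.broadcast_address),
        "usable_hosts": net.num_addresses - 2,    # minus network and broadcast
    }


def same_network(ip_a: str, ip_b: str, mask: str) -> bool:
    """True when both machines share a network number (no router needed)."""
    mask = _strip_zeros(mask)
    net_a = ipaddress.IPv4Interface(f"{_strip_zeros(ip_a)}/{mask}").network
    net_b = ipaddress.IPv4Interface(f"{_strip_zeros(ip_b)}/{mask}").network
    return net_a == net_b


if __name__ == "__main__":
    # Same address under the masks used on the slides: the line moves,
    # so the network number and the host range change with it.
    for mask in ("255.255.000.000", "255.255.240.000", "255.255.224.000"):
        info = describe("172.016.001.101", mask)
        print(f"{mask}  /{info['mask_bits']}  {info['mask_binary']}")
        print(f"  network {info['network']}  host #{info['host_number']}")
        print(f"  hosts {info['first_host']} to {info['last_host']}"
              f" ({info['usable_hosts']} usable)")
    # Two machines under the /19 mask: the second pair needs a router.
    print(same_network("172.16.1.101", "172.16.31.200", "255.255.224.0"))
    print(same_network("172.16.1.101", "172.16.32.5", "255.255.224.0"))
```

A mask whose 1s are not contiguous (for example 255.0.255.0) raises an error in `describe`, which is a useful check when a mask has been typed by hand.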
VLAN - What is this? (Virtual Local Area Network)
There are only 2 things you need to know about VLAN
#1 - It is replacing switches and cabling.
#2 - You need a programmable switch to do it.
VLAN is mainly for switches!
Virtual Local Area Networks - Before and After
Before VLAN With VLANs
VLAN terms
Tagging - We put a header in front of the data and say “this is for VLAN 10” or “this is for VLAN 20”
Untagging - Data that is not given a header
Trunk - One line is tagged and left as a trunk to share data for both VLAN’s - this reduces cabling. (CISCO Term)
https://www.thomas-krenn.com/en/wiki/VLAN_Basics and https://www.youtube.com/watch?v=aBOzFa6ioLw
What is port forwarding?
Port forwarding is sending a communication from the outside of a router in to the network. This is different from a communication that starts inside the network; this will come from the internet (outside the network). To understand this, we have to start with a port. A port is a location of software on a computer.
We use ports to tell what the traffic is and which software it needs.
SSH - Secure Shell - Port 22
Telnet - Port 23
Simple Mail Transfer Protocol - Port 25
DNS - Domain Name Service - Port 53
Hypertext (HTTP or Web) - Port 80
Secure HTTP (Https) - Port 443
File Transfer Protocol (FTP) - Port 20, 21
DICOM - Ports 104, 2221, 11112, 3321
WINS and NetBIOS - Ports 135, 137-139
Medical Device Com. - Port 6464
https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Communication enters or leaves by a Port
It is a Software Port, not a physical Port
● This is the job of the router.
○ It either blocks the communication (default setting) or it sends the message to the right IP inside the network
● We tell it how to forward the information from outside to inside
○ Who needs what port information
This is needed for older routers and gaming systems, like an XBox. And for any Hospital VPN
**Note** People outside your LAN do not use the IP of the machine they are trying to reach. They use the Router IP instead.
Setting up port forwarding
It’s different for each router.
● Look for the port forwarding part of the router
● Set up a basic port forward to an internal IP.
● Tell the machine the External Port and the Internal IP.
● Tell it if the communication is TCP, UDP, or both
Do not use DMZ unless you have to.
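The router behaviour described above (block by default, forward only what a rule names) can be modelled in a few lines, together with a check of the rule list before it is typed into a router. This is an added example, not part of the original slides: the `Forward` record, the sample rules and the 192.168.1.0/24 LAN are constructed, and real routers each have their own configuration pages.

```python
import ipaddress
from typing import NamedTuple, Optional


class Forward(NamedTuple):
    proto: str            # "tcp" or "udp"
    external_port: int    # port on the router's external IP
    internal_ip: str      # machine inside the LAN
    internal_port: int    # port the software listens on


# WINS/NetBIOS ports from the slides' list; the slides call WINS LAN-only.
LAN_ONLY_PORTS = {135, 137, 138, 139}
# Protocols from the same list that send logins unencrypted.
UNENCRYPTED_PORTS = {21: "FTP", 23: "Telnet"}

# Constructed sample rule list for a router with LAN 192.168.1.0/24.
SAMPLE_RULES = [
    Forward("tcp", 443, "192.168.1.10", 443),    # HTTPS server
    Forward("tcp", 2323, "192.168.1.20", 23),    # Telnet behind an odd port
    Forward("tcp", 139, "192.168.1.30", 139),    # NetBIOS file share
    Forward("tcp", 8443, "192.168.2.10", 443),   # typo: wrong subnet
]


def route(rules, proto: str, dst_port: int) -> Optional[tuple]:
    """What the router does with traffic arriving at its external IP."""
    for rule in rules:
        if rule.proto == proto and rule.external_port == dst_port:
            return (rule.internal_ip, rule.internal_port)
    return None  # no rule: blocked, the default setting


def audit(rules, lan_cidr: str) -> list:
    """Return one finding per rule problem, as plain strings."""
    lan = ipaddress.ip_network(lan_cidr)
    findings, seen = [], set()
    for rule in rules:
        label = f"{rule.proto}/{rule.external_port}"
        if (rule.proto, rule.external_port) in seen:
            findings.append(f"{label}: duplicate external port, rule never matches")
        seen.add((rule.proto, rule.external_port))
        if ipaddress.ip_address(rule.internal_ip) not in lan:
            findings.append(f"{label}: {rule.internal_ip} is not inside {lan}")
        if rule.internal_port in LAN_ONLY_PORTS:
            findings.append(f"{label}: WINS/NetBIOS port {rule.internal_port} "
                            "is LAN-only and should not be forwarded")
        if rule.internal_port in UNENCRYPTED_PORTS:
            findings.append(f"{label}: {UNENCRYPTED_PORTS[rule.internal_port]} "
                            "is unencrypted; prefer SSH (port 22) or a VPN")
    return findings


if __name__ == "__main__":
    print(route(SAMPLE_RULES, "tcp", 443))   # forwarded to the HTTPS server
    print(route(SAMPLE_RULES, "tcp", 22))    # None: blocked by default
    for finding in audit(SAMPLE_RULES, "192.168.1.0/24"):
        print(finding)
```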
What is the end goal of Port Forwarding?
To set up a lab like this:
The trick here is to get a signal to the server from behind a different router. The number scheme will be very different.
● Use different subnets to separate the networks into 3 subnets
● Forward requests to the server through its router - use the router external IP
Server
Clients
Bringing it all together
Try to set up 3 personal labs at home to learn this.
● Set up an IP using a Subnetted IP. Manually set the IP’s.
● Given a Programmable Switch that has basic VLAN settings, make a VLAN and show that there is a separation of the traffic.
● Given a router, place a server behind a router and connect it to your VLAN. Use port forwarding to send a signal from the clients on a different LAN to your Server
You will need:
2 Computers
3 Routers
A Home network
I suggest a Linksys WRT54G loaded with DDWRT or Tomato Software
Let’s have a brief pause for questions
We only have one more section to go!
Nearly There!!
But, we need to cover wireless next.
How to use Wireless Networks
We’re just replacing cables.
First thing to know about wireless
• It uses TCP/IP and WINS
– The main point of wireless is not to replace the protocols we mentioned before. Wireless networking just replaces the Cabling
– Wireless uses a radio transmitter to connect devices instead of a cable. Anyone can hear the conversation. This is why we use encryption
– Wireless is affected by noise and other wireless systems
What hardware do we need?
You have to use a wireless adaptor. This can be a card, a USB adaptor, or built in wireless cards. It has to work with the wireless Access Point (AP) (usually a wireless router). This adaptor shows up as a separate NIC.
Wireless Router Wireless adaptors (NIC)
Wireless Access point
What settings do we use?
Configure the wireless router or access point using a web page for the router. You have to connect directly to the router
What are the settings for Wireless?
The most important settings are the SSID, the Channel, and the Security
This setting turns on the radio and selects what speed to use B,G,N, AC, AX, or mixed
What is B,G,N, AC, or AX mode
Mode    Speed             Freq
B       11 Mbps           2.4 GHz
G       54 Mbps           2.4 GHz
N       300 Mbps          2.4 and 5 GHz
AC      1.7 to 3.5 Gbps   5 GHz
AX      3.4 to 14 Gbps    1, 2.4, 5, 6 GHz
Mixed   Whatever the client says they can do
It is the speed of the network
SSID = the Name of the broadcast (AP)
Set the SSID so that people see the name of the access point
– This does not have to be broadcast.
– If it is set to “not broadcast”, people see this…
– … they have to add the name of the SSID to join the network –this is a crude password approach.
Find an open channel
• Make sure you choose one not being used!
• Do a “Site Scan”. It gives results like this.
This is an open channel
This Channel is being used
Keep in mind channel overlap
The 2.4 GHz band has 12 channels 1 through 11, but most interfere with each other. In application, we only have 3 channels: 1, 6, and 11
This is a 3rd party program to scan SSID’s
InSSIDer shows stuff like this 5 GHz band... Or this Dual Band N broadcasting SSID. See how congested the 2.4 GHz frequencies get?
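Choosing between channels 1, 6 and 11 from a site scan can be done by scoring each one against every access point that overlaps it, not only the ones on the same channel number. This is an added example, not part of the original slides: the scan results are constructed, and the scoring (stronger neighbours count more) is one reasonable assumption, not a standard formula.

```python
# Constructed site-scan results: (SSID, channel, signal strength in dBm).
# Closer to 0 dBm means a stronger (nearer) access point.
SAMPLE_SCAN = [
    ("Guest",    1,  -45),
    ("Clinic-A", 3,  -60),
    ("Lab",      6,  -80),
    ("Printer",  9,  -70),
    ("Cafe",     11, -85),
]

NON_OVERLAPPING = (1, 6, 11)
NOISE_FLOOR_DBM = -90   # assumption: weaker signals than this are ignored


def overlaps(channel_a: int, channel_b: int) -> bool:
    # 2.4 GHz channel centres are 5 MHz apart and a transmission is about
    # 20 MHz wide, so channels fewer than 5 numbers apart interfere.
    return abs(channel_a - channel_b) < 5


def congestion(scan, channel: int) -> int:
    """Sum of signal strength above the noise floor for overlapping APs."""
    score = 0
    for _ssid, ap_channel, rssi in scan:
        if overlaps(channel, ap_channel) and rssi > NOISE_FLOOR_DBM:
            score += rssi - NOISE_FLOOR_DBM
    return score


def interferers(scan, channel: int) -> list:
    """SSIDs that would share air time with an AP on this channel."""
    return [ssid for ssid, ap_channel, rssi in scan
            if overlaps(channel, ap_channel) and rssi > NOISE_FLOOR_DBM]


def pick_channel(scan) -> int:
    """Least congested of 1, 6, 11; ties go to the lower channel."""
    return min(NON_OVERLAPPING, key=lambda ch: (congestion(scan, ch), ch))


if __name__ == "__main__":
    for ch in NON_OVERLAPPING:
        print(ch, congestion(SAMPLE_SCAN, ch), interferers(SAMPLE_SCAN, ch))
    print("use channel", pick_channel(SAMPLE_SCAN))
```

In the sample, channel 6 has only one weak access point sitting on it, yet it scores worse than channel 11 because the neighbours on channels 3 and 9 both bleed into it.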
Use security settings to encrypt
• When mentioning security, think “Encryption”
– There are 3 basic types:
• WEP – Uses a Hex Key password
• WPA – TKIP Encryption
• WPA2 – a beefier version of WPA
– Uses AES encryption
• WPA and WPA2 both use passphrases
Set the security to what you prefer
It is a give and take between “more accessible” and “hard to crack”
• Use WEP, WPA personal or WPA2 personal. WPA / WPA2 means it tries both.
• Encryption: TKIP is older but more accepted. AES is stronger. TKIP/AES means it tries both
• The Shared Key needs to be a strong password
• The Key renewal forces the system to drop the existing key and shift to a new encryption
Security is only as strong as the password
Use “Strong Passwords”
– At least 8 characters in length
– Use upper and lower case letters
– Use at least one number
– Use at least one special character
I suggest “leet speak” (replace vowels with these characters) and “text speak” for common words. Capitalize the 1st letter.
“You will not crack this” becomes
uW1llN0tCr@ckTh1s
That’s It, you should be able to access the Wireless network.
Final Questions???
We reviewed
● The basics of networking
● How to set up WINS
● Setup and use of TCP/IP
● Advanced Subnetting
● Port Forwarding
● VPN usage
● Wireless Networking Setup